pike.git / lib / modules / __builtin.pmod / Nettle.pmod / Hash.pike

version» Context lines:

pike.git/lib/modules/__builtin.pmod/Nettle.pmod/Hash.pike:144:    protected zero|string(8bit) okey; /* opad XOR:ed with the key */       protected zero|global::State h;       //! @param passwd    //! The secret password (K).    //!    //! @param b    //! Block size. Must be larger than or equal to the @[digest_size()].    //! Defaults to the @[block_size()]. -  protected void create (string(8bit) passwd, void|int b) +  protected void create (string(8bit) passwd, int(1..) b = block_size())    { -  if (!b) -  b = block_size(); -  else if (digest_size()>b) +  if (digest_size()>b)    error("Block size is less than hash digest size.\n");    if (sizeof(passwd) > b)    passwd = hash(passwd);    if (sizeof(passwd) < b) -  passwd = passwd + "\0" * (b - sizeof(passwd)); +  passwd = passwd + "\0" * [int(1..)](b - sizeof(passwd));       ikey = [string(8bit)](passwd ^ ("6" * b));    okey = [string(8bit)](passwd ^ ("\\" * b));    }       string(8bit) name()    {    return [string(8bit)]sprintf("HMAC(%s)", global::name());    }   
pike.git/lib/modules/__builtin.pmod/Nettle.pmod/Hash.pike:249:    "alg":jwa(),    "k": MIME.encode_base64url(([string]ikey) ^ ("6" * block_size())),    ]);    return jwk;    }    }       //! Returns a new @[State] object initialized with a @[password],    //! and optionally block size @[b]. Block size defaults to the hash    //! function block size. -  protected State `()(string(8bit) password, void|int b) +  protected State `()(string(8bit) password, int(1..) b = block_size())    { -  if (!b || (b == block_size())) { +  if (b == block_size()) {    return State(password);    }    // Unusual block size.    // NB: Nettle's implementation of HMAC doesn't support    // non-standard block sizes, so always use the    // generic implementation in this case.    return local::State(password, b);    }      //! @ignore
pike.git/lib/modules/__builtin.pmod/Nettle.pmod/Hash.pike:295:   //! Implements the algorithm described in   //! @url{http://www.akkadia.org/drepper/SHA-crypt.txt@}.   //!   //! This is the algorithm used by @tt{crypt(2)@} in   //! methods @tt{$5$@} (SHA256) and @tt{$6$@} (SHA512).   //!   //! @seealso   //! @[crypt_md5()]   string(7bit) crypt_hash(string(8bit) password, string(8bit) salt, int(0..) rounds)   { -  int dsz = digest_size(); -  int plen = sizeof(password); +  int(1..) dsz = [int(1..)]digest_size(); +  int(0..) plen = sizeof(password);       if (!rounds) rounds = 5000;    if (rounds < 1000) rounds = 1000;    if (rounds > 999999999) rounds = 999999999;       // FIXME: Send the first param directly to create()?    State hash_obj = State();       function(string(8bit):State) update = hash_obj->update;    function(:string(8bit)) digest = hash_obj->digest;
pike.git/lib/modules/__builtin.pmod/Nettle.pmod/Hash.pike:340:    }       string(8bit) a = digest(); /* 12 */       for (int i = 0; i < plen; i++) /* 14 */    update(password);       string(8bit) dp = digest(); /* 15 */       if (dsz != plen) { -  dp *= 1 + (plen-1)/dsz; /* 16 */ +  dp *= [int(1..)](1 + (plen-1)/dsz); /* 16 */    dp = dp[..plen-1];    }       for(int i = 0; i < 16 + (a[0] & 0xff); i++) /* 18 */    update(salt);       string(8bit) ds = digest(); /* 19 */       if (dsz != sizeof(salt)) { -  ds *= 1 + (sizeof(salt)-1)/dsz; /* 20 */ +  ds *= [int(1..)](1 + (sizeof(salt)-1)/dsz); /* 20 */    ds = ds[..sizeof(salt)-1];    }       for (int r = 0; r < rounds; r++) { /* 21 */    if (r & 1)    crypt_add(dp, plen); /* b */    else /* c */    update(a);       if (r % 3) /* d */
pike.git/lib/modules/__builtin.pmod/Nettle.pmod/Hash.pike:562:   string(8bit) pbkdf2(string(8bit) password, string(8bit) salt,    int rounds, int bytes)   {    if( rounds <=0 )    error("Rounds needs to be 1 or higher.\n");       object(_HMAC.State) hmac = HMAC(password);    password = "CENSORED";       string(8bit) res = ""; -  int dsz = digest_size(); +  int(0..) dsz = digest_size();    int fragno;    while (sizeof(res) < bytes) {    string(8bit) frag = "\0" * dsz;    string(8bit) buf = salt + sprintf("%4c", ++fragno);    for (int j = 0; j < rounds; j++) {    buf = hmac(buf);    frag ^= buf;    }    res += frag;    }
pike.git/lib/modules/__builtin.pmod/Nettle.pmod/Hash.pike:793:    if (!mgf) mgf = mgf1;       // EME-OAEP encoding (see Figure 1 below):    // a. If the label L is not provided, let L be the empty string. Let    // lHash = Hash(L), an octet string of length hLen (see the note below).    if (!label) label = "";    string(8bit) lhash = hash([string]label);       // b. Generate an octet string PS consisting of k - mLen - 2hLen - 2    // zero octets. The length of PS may be zero. -  string(8bit) ps = "\0" * (bytes - (sizeof(message) + 2*hlen + 2)); +  string(8bit) ps = "\0" * [int(0..)](bytes - (sizeof(message) + 2*hlen + 2));       // c. Concatenate lHash, PS, a single octet with hexadecimal value    // 0x01, and the message M to form a data block DB of length    // k - hLen - 1 octets as    //    // DB = lHash || PS || 0x01 || M.    string(8bit) db = lhash + ps + "\1" + message;       // d. Generate a random octet string seed of length hLen.    /* Supplied by caller. */
pike.git/lib/modules/__builtin.pmod/Nettle.pmod/Hash.pike:938:   //! Mask generation function to use.   //! Defaults to @[mgf1()].   //!   //! @returns   //! Returns the signature digest on success and @expr{0@} (zero)   //! on failure (typically too few bits to represent the result).   //!   //! @seealso   //! @[emsa_pss_verify()], @[mgf1()].   string(8bit)|zero emsa_pss_encode(string(8bit) message, int(1..) bits, -  string(8bit)|void salt, +  string(8bit) salt = "",    function(string(8bit), int(0..): -  string(8bit))|void mgf) +  string(8bit)) mgf = mgf1)   { -  if (!mgf) mgf = mgf1; -  if (!salt) salt = ""; -  +     // 1. If the length of M is greater than the input limitation for the    // hash function (2^61 - 1 octets for SHA-1), output "message too    // long" and stop.    /* N/A */    -  int emlen = (bits+7)/8; +  int(1..) emlen = [int(1..)]((bits+7)/8);       // 3. If emLen < hLen + sLen + 2, output "encoding error" and stop.    if (emlen < sizeof([string]salt) + digest_size() + 2) return 0;       // 2. Let mHash = Hash(M), an octet string of length hLen.    string(8bit) mhash = hash(message);       // 4. Generate a random octet string salt of length sLen; if sLen = 0,    // then salt is the empty string.    /* N/A - Passed as argument. */
pike.git/lib/modules/__builtin.pmod/Nettle.pmod/Hash.pike:974:    // M' = (0x)00 00 00 00 00 00 00 00 || mHash || salt;    // M' is an octet string of length 8 + hLen + sLen with eight initial    // zero octets.    string(8bit) m = "\0\0\0\0\0\0\0\0" + mhash + [string]salt;       // 6. Let H = Hash(M'), an octet string of length hLen.    string(8bit) h = hash(m);       // 7. Generate an octet string PS consisting of emLen - sLen - hLen - 2    // zero octets. The length of PS may be 0. -  string(8bit) ps = "\0" * (emlen - (sizeof([string]salt) + sizeof(h) + 2)); +  string(8bit) ps = "\0" * +  [int(0..)](emlen - (sizeof([string]salt) + sizeof(h) + 2));       // 8. Let DB = PS || 0x01 || salt; DB is an octet string of length    // emLen - hLen - 1.    string(8bit) db = ps + "\1" + [string]salt;       // 9. Let dbMask = MGF(H, emLen - hLen - 1).    string(8bit) dbmask = mgf(h, [int(1..)](emlen - (sizeof(h) + 1)));       // 10. Let maskedDB = DB \xor dbMask.    string(8bit) maskeddb = [string(8bit)](db ^ dbmask);